You are here

New phishing scam plays on curiosity

A new variant of scam email has been identified which includes very little information, simply asking you to “email back”.

Some examples may include offers of a reward, money or other opportunities.

While the offers might be similar to previous scam emails, these newer examples feature far less information. They play on your natural curiosity in the hope you’ll respond.

Once contact is established, like most other scams, the scammers work to access your money. Variants of this scam are known as “419”, “lottery”, or colloquially “Nigerian” scams, although Nigeria is no longer a hub of activity in this area.

Many of these kinds of scam emails offer a reward in exchange for assistance. In one form, the scam asks for assistance in moving money out of a country in trouble. The scammers offer the victim a small portion of the money in exchange for assistance in moving it. A common problem usually cited is that a fee or charge needs to be paid, and the victim is requested to pay it.

Remember, the goal of scammers is almost always your money.

After any initial payment, scammers will often try to increase the amount by pretending to have further problems that also require money. If a victim stops paying, scammers can become aggressive and threatening, which can also be of concern if the scammer has also obtained a victim’s address.

Recent versions of these scam emails feature far less information. The entire content of one such email is shown below:

2M USD to u, contact us at scammers [at] email.com

Once you reply, the scammer begins to offer more information. Often, the scammer won’t request money during the initial stages to avoid arousing suspicion. Scams are often very well planned, utilising a lot of known psychological weaknesses.

Do not reply to these emails under any circumstances. Simply delete them.

Avoiding email scams

Always be suspicious of any unsolicited messages, especially those asking for personal or financial information. If the email appears to be an unusual message from a known contact, you can verify with them via other means (such as telephone).

If you are unsure about the message, simply delete it.

Do not reply to the message and do not click any links in the email.

No reputable organisation will request personal or financial information unsolicited. Any organisation that does can be contacted back via alternative means. For example, if a banking representative rings you requesting personal information, you can call them back via their publicly listed number.

Unsolicited promises of prizes should be treated with suspicion. They can be a ploy for your financial or personal details.

You can report scams by forwarding the email to the Spam Intelligence Database at report [at] submit.spam.acma.gov.au, then delete the email.

More information

The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider.

Feedback

Thank you to those subscribers who have provided feedback to our Alerts, Advisories and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.

Disclaimer

This information has been prepared by Enex TestLab for the Department of Broadband, Communications and the Digital Economy ('the Department'). It was accurate and up to date at the time of publishing.

This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.

The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.

Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.

Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.

Host of subscription service

The Commonwealth has engaged Ladoo Pty Ltd to host the Stay Smart Online Alert Service. All URL links should show the domain send.ladoo.com.au at hover over. URL links related to the administration of the service ('View online', 'Update your profile preferences' and 'unsubscribe') should direct you to web pages hosted by Ladoo Pty Ltd.

CONTACT US

Facebook: www.facebook.com/staysmartonlineEmail: staysmartonline [at] dbcde.gov.auWeb: www.staysmartonline.gov.auYou are receiving this message at the address robert.novelli [at] communications.gov.au.Update your profile preferencesIf you no longer wish to receive the SSO newsletter, you can unsubscribe.